Security Basics mailing list archives

Re: monitor traffic on host

From: network_intern () someplace gov
Date: 18 Sep 2007 19:16:10 -0000

Kelly,

Use a toner to determine which port on the switch the guy is plugged into. Then set up a mirror port and forward all 
the traffic to an IDS box or whatever. 

BTW, I know for a fact that newer versions of Foundry IOS have a capability called sflow which forwards all traffic 
that goes across them to one centralized logging host. Maybe you should look into that? Cisco Catalyst switches have a 
similar capability, but I can't recall the name.

For sflow help, go into global config and type `sflow ?'

HTH,
--Anonymous Intern

Current thread:

monitor traffic on host Kelly Keeton (Sep 18)
- RE: monitor traffic on host Weir, Jason (Sep 18)
- RE: monitor traffic on host TVB NOC (Sep 18)
- RE: monitor traffic on host Sentissi, Mohamed (Simo) (Sep 18)
- Re: monitor traffic on host Steven Hollingsworth (Sep 18)
- Re: monitor traffic on host Kurt Buff (Sep 18)
- <Possible follow-ups>
- Re: monitor traffic on host network_intern (Sep 18)